As computing devices are becoming more prevalent and more portable, there is an increasing need to preserve the security and privacy of certain types of data. For example, in the healthcare field, a patient's private health information used to be limited to physical paper documents stored in a file or chart at a medical facility. Security of these documents, therefore, was easier to maintain as unless another physical copy of the document was made, the data was all stored in one place. More recently these documents have now migrated to electronic format, it is much easier for multiple copies of the documents to be located on different machines, some of which may not be secure. For example, healthcare/patient data is now easier to access at the point of care though mobile devices, but the mobile access introduces a situational or other contextual aspect that may not match the privacy of the data in its original setting. Patients have a right to expect their data is accessed and used appropriately based on specific situations or contexts and not just anytime, anywhere an authorized mobile application requests it.
Existing technical solutions to this problem involve authorization and access controls. These controls implement various computer networking security techniques such as encryption and identity recognition (e.g., user names and passwords) to prevent unauthorized individuals from accessing data. These solutions, however, lack the technical ability to prevent an otherwise authorized or authenticated individual from accessing or viewing data in contexts that would not be appropriate. For example, it may be appropriate for a physician to view a hospital patient's private medical information on a tablet computer while making rounds at the hospital, but it may not be appropriate for that physician to view the hospital patient's private medical information at home, or using a different device, etc. This problem may be exacerbated by the fact that some applications are designed to operate in offline mode, without connection to networks such as the Internet. Such applications may be authorized to download and display confidential information while connected but then subsequently still be able to display the downloaded confidential information while offline. One solution might be to prevent display of the confidential information while the application is in offline mode, but this does not take into account situations where the application might be otherwise permitted to display the data despite operating in offline mode (e.g., when the mobile device is in an area of a hospital with poor connectivity). There currently is no technical mechanism for data to be restricted based on contextual information.